Ask HN: Is it possible to strip SSL and serve plain HTTP to local browsers?
6 comments
Assuming you use Google Chrome, you can start it with a few flags that make it ignore all SSL errors, this will be the "easier" solution than setting up a reverse proxy.
Now, instead of doing any of that, you should maybe try and figure out why you're having so many TLS issues where other people do not.
chrome-wrapper --ignore-certificate-errors --test-type
Otherwise a reverse proxy like Apache, HAProxy, or nginx would work.Now, instead of doing any of that, you should maybe try and figure out why you're having so many TLS issues where other people do not.
I don't think I have an unusual amount of TLS issues per site browsed, I just browse many sites.
For example, today wikiless.org's certificate is expired, and I cannot ignore the error in Waterfox because of HSTS, unless I "forget about this site", which removes all my History entries.
I would estimate that I have about one issue per 100 sites browsed, which adds up.
For example, today wikiless.org's certificate is expired, and I cannot ignore the error in Waterfox because of HSTS, unless I "forget about this site", which removes all my History entries.
I would estimate that I have about one issue per 100 sites browsed, which adds up.
I use at least 30 different browsers, Chrome being one of the least frequent.
This helps, however. Thank you.
This helps, however. Thank you.
I am using nginx as an reverse proxy. depending if its an local or public domain, i use my step-ca acme server or letsencrypt. dehydrated is used to regularly update the certs and i had only problems with devices without my ca.
You might try with nginx acting as a reverse proxy
I'd like to run some kind of proxy which presents as plaintext HTTP to my browser, and goes out and gets content from the HTTPS equivalent of the same site, ignoring all SSL errors. Does anyone know if this is possible?
I am not too concerned about MITM attacks and security in general, because I browse reputatable sites through a reputable ISP in a VM.